Sajal Kayan

In a CDN'd world, OpenDNS is the enemy!

Mon, May 17, 2010
Tweet
Vote on HN
While many people are happy with using DNS service providers such as OpenDNS, Google, etc... I will show you here why they may not produce optimal results.
The way most CDNs work is by using DNS routing. When a user attempts to resolve a hostname, the CDN's DNS server responds with an IP which is closest based on the IP address of the requester. A more detailed insight into the workings of a CDN can be found on an earlier post "Make your own cheap charlie CDN"
For my test here, I tested from the following locations listed below :-

Akamai ( profile.ak.fbcdn.net ) - AFAIK they have a POP in almost all countries including Thailand. Note: Akamai does not entertain sales queries from Thai companies.

Results:-

1) Internap ( using cdn.thaindian.com )

Location

Opendns

Google

Local

IP Returned

Ping to IP (ms)

IP Returned

Ping to IP (ms)

IP Returned

Ping to IP (ms)

True (Thailand)

64.94.126.65

256

74.201.0.130

365

203.190.126.131

152

Softlayer (US-East Coast)

69.88.152.250

1.253

74.201.0.130

25.69

69.88.152.250

1.388

EC2 (US-East Coast)

69.88.152.250

2.144

74.201.0.130

20.229

69.88.152.250

2.094

EC2 (Europe)

77.242.194.130

13.331

64.7.222.130

159.422

77.242.194.130

12.504

EC2 (Singapore)

64.94.126.65

202

74.201.0.130

228

202.58.12.98

37.260

Com Hem (Sweden)

77.242.194.130

40.035

64.7.222.130

189.647

69.88.148.130

36.310

Tata (India)

64.7.222.130

313.2

64.74.124.65

304.1

203.190.126.131

150

2) Akamai ( using profile.ak.fbcdn.net )

Location

Opendns

Google

Local

IP Returned

Ping to IP (ms)

IP Returned

Ping to IP (ms)

IP Returned

Ping to IP (ms)

True (Thailand)

208.50.77.112

239.4

60.254.185.83

138.9

58.97.45.59

18.88

Softlayer (US-East Coast)

72.246.31.57

1.312

72.246.31.42

1.262

24.143.196.88

0.877

EC2 (US-East Coast)

72.246.31.73

2.581

72.246.31.25

1.792

72.247.242.51

1.941

EC2 (Europe)

195.59.150.139

13.449

92.122.207.177

29.022

195.59.150.138

13.516

EC2 (Singapore)

208.50.77.94

202

60.254.185.73

71.7

124.155.222.10

7.052

Com Hem (Sweden)

217.243.192.8

51.73

92.123.69.82

35.972

92.123.155.139

13.212

Tata (India)

209.18.46.113

300

203.106.85.33

196

125.252.226.58

100.5

The ping timings represent the lag to the destination server from the location in question. I will try to update the results from more locations if I can get shell access to a server or PC in other countries. If you are willing to run the tests for me please contact me(or post in comments)

Conclusion

Using OpenDNS or Google Public DNS may be fast in resolving the DNS, but they do not give the ideal results.
In the case of Global DNS providers, the IP of the original requester is not passed along to the CDN's DNS servers so they are unable to route the user to the nearest POP.
As you can see in the result tables above, when using OpenDNS from Thailand, trying to access static assets of Facebook, I am directed to a server in the USA whereas when using Google's DNS i am directed to a server in Japan and when using my ISP's DNS server I access content locally, hosted within my own ISPs network!
While the effect on large websites using CDN is significant, smaller non-CDN'd websites are also effected. Most websites embed widgets, advertising and other assets which are likely to be CDN'd.
The solution would be to use your ISPs DNS server rather than these Global providers. If they really suck so bad, its fairly simple to set up BIND as a caching recursive resolver to resolve hostnames directly bypassing the ISPs crappy service.
Bill Fumerola, ex-director of network engineering at OpenDNS confirms this problem on OpenDNS forums.
You can run the tests from your own computer using this simple script: dnstest.py
Here is the named.conf for a recursive server. Set your computer to use 127.0.0.1 as the DNS. - config may differ for you, RTFM and adapt accordingly.